Compromising Containers and Clusters

Containers seem to be everywhere these days, from application development pipelines to deployed in massive clusters supporting major corporate platforms. As with any newish technology there’s new and fun ways to attack and compromise these systems. This talk will take a look at some of the ways you can break out of containerized systems and attack standalone Docker daemons armed with nothing more than curl and ssh then look at how we can go from existing in a Kubernetes cluster to owning the whole environment.

This talk was delivered to BSides Atlanta in 2020 and a recording is available here


© 2022. All rights reserved.